4. ``has`` and ``of`` keyword is added to ``if`` in template. You can check permission as::

{% if user has 'blog.add_entry' %}

You can add entry

{% endif %} {% if object and user has 'blog.change_entry' of object or user has 'blog.delete_entry' of object %}

{% if user has 'blog.change_entry' of object %}

You can change this entry.

{% endif %} {% if user has 'blog.delete_entry' of object %}

You can delete this entry.

{% endif %}

{% endif %}

.. Note:: If you don't want django-permission to replace builtin ``if`` tag, set ``PERMISSION_REPLATE_BUILTIN_IF`` to ``False`` in your ``settings.py``. Then you have to use ``{% permission %}`` templatetag as::

{% permission user has 'blog.add_entry' %}

You can add entry

{% endpermission %}

``{% permission %}`` tag is exactuly same as ``{% if %}`` thus you can use ``{% elpermission %}`` for ``{% elif %}`` and ``{% else %}``.

5. ``permission_required`` decorator is used for object permission checking. You can use the decorator as::

see more details in document comments on ``permission/decorators/__init__.py``

Role?==========

django-permission has role based permission system. visit your django admin page to create/modify roles (See the screenshots below).The role permissions are handled with ``permission.backends.RoleBackend``.

.. Note:: Role based permission system does not support object permission and anonymous permission. However these permissions are handled with Individual handler based permission backend (``permission.backends.PermissionBackend``)

``PermissionHandler`` treat all permissions related to the model registeredwith in default. But sometime you may want to exclude some permissions orinclude some permissions. To regulate permissions treated, use ``includes``and ``excludes`` attributes.

``includes`` attribute is set to``permissions.handlers.base.get_model_permissions`` function in default. That's meanyour newly created ``PermissionHandler`` will treat all permissions which relatedto the model. If you want to specify permissions, set a list/tuple or afunction which have one argument. The ``PermissionHandler`` instance will begiven as first argument.

``excludes`` attribute is set to ``None`` in default. If you want to excludesome permissions from ``includes``, set a list/tuple or a function whichtreated same as the function used in ``includes``.

# you have to register the handler with the model # even AppPermissionHandler doesn't care about model registry.register(YourModel, AppPermissionHandler) # registry.register(HisModel, AppPermissionHandler) # or you can register with HisModel # registry.register(HerModel, AppPermissionHandler) # or you can register with HerModel

.. Note:: If you use ``user.has_perm()`` method in ``has_perm()`` method of ``PermissionHandler``, make sure the permission is not treated with the handler.